From d7427ab762a631228b121543d75ba10117fce90f Mon Sep 17 00:00:00 2001
From: Ruiyang Wu <58066925+ywwry66@users.noreply.github.com>
Date: Fri, 31 Mar 2023 15:52:33 -0400
Subject: [PATCH 1/2] Don't save mac metadata/extended attributes for `brew
 bottle`

This commit includes `--no-mac-metadata` `--no-acls` and `--no-xattrs`
in `default_tar_args` for `brew bottle` command.

Although `default_tar_args` is only active when `--only-json-tab` is
not passed, in which case we don't require reproducible bottles, it is
nonetheless beneficial to "regularize" tarball creation. In
particular, this resolves a sporadic `brew tests
--only=dev-cmd/bottle:20` failure (see
https://github.com/orgs/Homebrew/discussions/4376 and
https://github.com/Homebrew/brew/pull/14997).

Furthermore, with `gnu tar`, `--no-acls` and `--no-xattrs` are default
flags. As for "mac metadata", although I couldn't find official
documentation, this post (https://superuser.com/a/61188) shares some
info:
- Resource forks (resource forks have been extended attributes since 10.4)
  - Custom icons set in Finder and the images of Icon\r files
  - Metadata in PSD files
  - Objects stored in scpt files, AppleScript Editor window state, descriptions of scripts
- Information about aliases (aliases stop working if extended attributes are removed)
- Quarantine status or source URLs of files downloaded from the internet
- Spotlight comments
- Encoding of files saved with TextEdit
- Caret position of files opened with TextMate
- Skim notes

None of these is supposed to be in the bottle I believe.
---
 Library/Homebrew/dev-cmd/bottle.rb | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/Library/Homebrew/dev-cmd/bottle.rb b/Library/Homebrew/dev-cmd/bottle.rb
index 0bba2d5d9f..7ddc7a91e9 100644
--- a/Library/Homebrew/dev-cmd/bottle.rb
+++ b/Library/Homebrew/dev-cmd/bottle.rb
@@ -232,8 +232,11 @@ module Homebrew
   end
 
   def self.setup_tar_and_args!(args, mtime)
+    # TODO: Refactor and move to extend/os
     # Without --only-json-tab bottles are never reproducible
-    default_tar_args = ["tar", [].freeze].freeze
+    tar_args =
+      OS.mac? ? ["--no-mac-metadata", "--no-acls", "--no-xattrs"].freeze : ["--no-acls", "--no-xattrs"].freeze # rubocop:disable Homebrew/MoveToExtendOS
+    default_tar_args = ["tar", tar_args].freeze
     return default_tar_args unless args.only_json_tab?
 
     # Ensure tar is set up for reproducibility.

From 73a13800557966c81f94ea28e0462d3e2c10a66d Mon Sep 17 00:00:00 2001
From: Ruiyang Wu <58066925+ywwry66@users.noreply.github.com>
Date: Mon, 10 Apr 2023 16:18:56 -0400
Subject: [PATCH 2/2] dev-cmd/bottle: Refactor `setup_tar_and_args!` to
 extend/os

---
 Library/Homebrew/dev-cmd/bottle.rb            | 31 +++++++++++--------
 Library/Homebrew/extend/os/dev-cmd/bottle.rb  |  8 +++++
 .../extend/os/linux/dev-cmd/bottle.rb         | 12 +++++++
 .../Homebrew/extend/os/mac/dev-cmd/bottle.rb  |  9 ++++++
 4 files changed, 47 insertions(+), 13 deletions(-)
 create mode 100644 Library/Homebrew/extend/os/dev-cmd/bottle.rb
 create mode 100644 Library/Homebrew/extend/os/linux/dev-cmd/bottle.rb
 create mode 100644 Library/Homebrew/extend/os/mac/dev-cmd/bottle.rb

diff --git a/Library/Homebrew/dev-cmd/bottle.rb b/Library/Homebrew/dev-cmd/bottle.rb
index 7ddc7a91e9..48bd0f9e9e 100644
--- a/Library/Homebrew/dev-cmd/bottle.rb
+++ b/Library/Homebrew/dev-cmd/bottle.rb
@@ -231,26 +231,29 @@ module Homebrew
     system "/usr/bin/sudo", "--non-interactive", "/usr/sbin/purge"
   end
 
-  def self.setup_tar_and_args!(args, mtime)
-    # TODO: Refactor and move to extend/os
-    # Without --only-json-tab bottles are never reproducible
-    tar_args =
-      OS.mac? ? ["--no-mac-metadata", "--no-acls", "--no-xattrs"].freeze : ["--no-acls", "--no-xattrs"].freeze # rubocop:disable Homebrew/MoveToExtendOS
-    default_tar_args = ["tar", tar_args].freeze
-    return default_tar_args unless args.only_json_tab?
+  sig { returns(T::Array[String]) }
+  def self.tar_args
+    [].freeze
+  end
 
-    # Ensure tar is set up for reproducibility.
+  sig { params(mtime: String).returns(T::Array[String]) }
+  def self.reproducible_gnutar_args(mtime)
+    # Ensure gnu tar is set up for reproducibility.
     # https://reproducible-builds.org/docs/archives/
-    gnutar_args = [
+    [
       "--format", "pax", "--owner", "0", "--group", "0", "--sort", "name", "--mtime=#{mtime}",
       # Set exthdr names to exclude PID (for GNU tar <1.33). Also don't store atime and ctime.
       "--pax-option", "globexthdr.name=/GlobalHead.%n,exthdr.name=%d/PaxHeaders/%f,delete=atime,delete=ctime"
     ].freeze
+  end
 
-    # TODO: Refactor and move to extend/os
-    return ["tar", gnutar_args].freeze if OS.linux? # rubocop:disable Homebrew/MoveToExtendOS
+  sig { params(args: T.untyped, mtime: String).returns([String, T::Array[String]]) }
+  def self.setup_tar_and_args!(args, mtime)
+    # Without --only-json-tab bottles are never reproducible
+    default_tar_args = ["tar", tar_args].freeze
+    return default_tar_args unless args.only_json_tab?
 
-    # Use gnu-tar on macOS as it can be set up for reproducibility better than libarchive.
+    # Use gnu-tar as it can be set up for reproducibility better than libarchive.
     begin
       gnu_tar = Formula["gnu-tar"]
     rescue FormulaUnavailableError
@@ -259,7 +262,7 @@ module Homebrew
 
     ensure_formula_installed!(gnu_tar, reason: "bottling")
 
-    ["#{gnu_tar.opt_bin}/gtar", gnutar_args].freeze
+    ["#{gnu_tar.opt_bin}/gtar", reproducible_gnutar_args(mtime)].freeze
   end
 
   def self.formula_ignores(formula)
@@ -802,3 +805,5 @@ module Homebrew
     checksums
   end
 end
+
+require "extend/os/dev-cmd/bottle"
diff --git a/Library/Homebrew/extend/os/dev-cmd/bottle.rb b/Library/Homebrew/extend/os/dev-cmd/bottle.rb
new file mode 100644
index 0000000000..d87c5e5843
--- /dev/null
+++ b/Library/Homebrew/extend/os/dev-cmd/bottle.rb
@@ -0,0 +1,8 @@
+# typed: strict
+# frozen_string_literal: true
+
+if OS.mac?
+  require "extend/os/mac/dev-cmd/bottle"
+elsif OS.linux?
+  require "extend/os/linux/dev-cmd/bottle"
+end
diff --git a/Library/Homebrew/extend/os/linux/dev-cmd/bottle.rb b/Library/Homebrew/extend/os/linux/dev-cmd/bottle.rb
new file mode 100644
index 0000000000..f7807b2148
--- /dev/null
+++ b/Library/Homebrew/extend/os/linux/dev-cmd/bottle.rb
@@ -0,0 +1,12 @@
+# typed: true
+# frozen_string_literal: true
+
+module Homebrew
+  sig { params(args: T.untyped, mtime: String).returns([String, T::Array[String]]) }
+  def self.setup_tar_and_args!(args, mtime)
+    # Without --only-json-tab bottles are never reproducible
+    return ["tar", tar_args].freeze unless args.only_json_tab?
+
+    ["tar", reproducible_gnutar_args(mtime)].freeze
+  end
+end
diff --git a/Library/Homebrew/extend/os/mac/dev-cmd/bottle.rb b/Library/Homebrew/extend/os/mac/dev-cmd/bottle.rb
new file mode 100644
index 0000000000..ad0689473f
--- /dev/null
+++ b/Library/Homebrew/extend/os/mac/dev-cmd/bottle.rb
@@ -0,0 +1,9 @@
+# typed: true
+# frozen_string_literal: true
+
+module Homebrew
+  sig { returns(T::Array[String]) }
+  def self.tar_args
+    ["--no-mac-metadata", "--no-acls", "--no-xattrs"].freeze
+  end
+end